Skip to content

/ Zope / gocept svn checkins / Archive / 2008 / 2008-12 / SVN: r7109 - in gocept.infrastructure/testing: . portage-gocept/app-backup/gocept-backup puppet/manifests/classes puppet/modules/app_admin/files puppet/modules/app_admin/templates puppet/modules/net_analyzer/files/nagios puppet/modules/net_analyzer/files/nagios/globals puppet/modules/net_analyzer/templates puppet/modules/net_analyzer/templates/nagios puppet/modules/sys_apps/files puppet/modules/sys_apps/manifests puppet/modules/sys_apps/templates puppet/modules/sys_fs puppet/modules/sys_portage/templates puppet/modules/www_nginx puppet/modules/www_nginx/manifests

[ << ] [ >> ]

[ SVN: r7108 - in gocept.infrastructure/feature_moni... ] [ SVN: r7110 - gocept.infrastructure/feature_monitor... ]

SVN: r7109 - in gocept.infrastructure/testing: . portage-gocept/app-backup/gocept-backup puppet/manifests/classes puppet/modules/app_admin/files puppet/modules/app_admin/templates puppet/modules/net_analyzer/files/nagios puppet/modules/net_analyzer/files/nagios/globals puppet/modules/net_analyzer/templates puppet/modules/net_analyzer/templates/nagios puppet/modules/sys_apps/files puppet/modules/sys_apps/manifests puppet/modules/sys_apps/templates puppet/modules/sys_fs puppet/modules/sys_portage/templates puppet/modules/www_nginx puppet/modules/www_nginx/manifests
Christian Kauhaus <kc(at)gocept.com>		 2008-12-01 12:52:39 [ FULL ] 
Author: ckauhaus
Date: Mon Dec  1 12:52:37 2008
New Revision: 7109

Log:
merged feature_monitoring_66066


Modified:
   gocept.infrastructure/testing/   (props changed)
  
gocept.infrastructure/testing/portage-gocept/app-backup/gocept-backup/gocept-backup-0.8.ebuild
  (props changed)
   gocept.infrastructure/testing/puppet/manifests/classes/location.pp   (props
changed)
  
gocept.infrastructure/testing/puppet/modules/app_admin/files/generate-groups.sh
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/app_admin/files/generate-people.sh
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/app_admin/templates/puppetmaster.cron.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/globals/templates.cfg
  (contents, props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/nagios.cfg
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/nrpe.cfg
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/cgi.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/contacts.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/host.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/service.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/trafficclient.conf.erb
  (props changed)
   gocept.infrastructure/testing/puppet/modules/sys_apps/files/   (props
changed)
   gocept.infrastructure/testing/puppet/modules/sys_apps/files/conf.d_net
  
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/network_interface.pp
  (props changed)
   gocept.infrastructure/testing/puppet/modules/sys_apps/templates/   (props
changed)
  
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
   gocept.infrastructure/testing/puppet/modules/sys_fs/   (props changed)
  
gocept.infrastructure/testing/puppet/modules/sys_portage/templates/make.conf.erb
  (props changed)
   gocept.infrastructure/testing/puppet/modules/www_nginx/   (props changed)
   gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp  
(props changed)

Modified:
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/globals/templates.cfg
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/globals/templates.cfg	(original)
+++
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/globals/templates.cfg	Mon
Dec  1 12:52:37 2008
(at)(at) -44,7 +44,7 (at)(at)
     normal_check_interval           10
     retry_check_interval            2
     notification_options            w,u,c,r,f,s
-    notification_interval           60
+    notification_interval           120
     notification_period             24x7
 }
 

Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/files/conf.d_net
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/files/conf.d_net	(original)
+++ gocept.infrastructure/testing/puppet/modules/sys_apps/files/conf.d_net	Mon
Dec  1 12:52:37 2008
(at)(at) -13,56 +13,53 (at)(at)
 # taken from net.example
 
 depend() {
-	functions interface_exists
+        functions interface_exists
 }
 
 postup() {
-       # Here is an example that allows the use of iproute rules
-       # which have been configured using the rules_eth0 variable.
-       #rules_eth0=(
-       #       "from 24.80.102.112/32 to 192.168.1.0/24 table localnet
priority 100"
-       #       "from 216.113.223.51/32 to 192.168.1.0/24 table localnet
priority 100"
-       #)
-       local x="rules_${IFVAR}[(at)]"
-       local -a rules=( "${!x}" )
-       if [[ -n ${rules} ]] ; then
-               einfo "Adding IP policy routing rules"
-               eindent
-               # Ensure that the kernel supports policy routing
-               if ! ip rule list | grep -q "^" ; then
-                       eerror "You need to enable IP Policy Routing
(CONFIG_IP_MULTIPLE_TABLES)"
-                       eerror "in your kernel to use ip rules"
-               else
-                       for x in "${rules[(at)]}" ; do
-                               ebegin "${x}"
-                               ip rule add ${x}
-                               eend $?
-                       done
-               fi
-               eoutdent
-               # Flush the cache
-               ip route flush cache dev "${IFACE}"
-       fi
-
+        # Here is an example that allows the use of iproute rules
+        # which have been configured using the rules_eth0 variable.
+        #rules_eth0=(
+        #       "from 24.80.102.112/32 to 192.168.1.0/24 table localnet
priority 100"
+        #)
+        local x="rules_${IFVAR}[(at)]"
+        local -a rules=( "${!x}" )
+        if [[ -n ${rules} ]] ; then
+                einfo "Adding IP policy routing rules"
+                eindent
+                # Ensure that the kernel supports policy routing
+                if ! ip rule list | grep -q "^" ; then
+                        eerror "You need to enable IP Policy Routing
(CONFIG_IP_MULTIPLE_TABLES)"
+                        eerror "in your kernel to use ip rules"
+                else
+                        for x in "${rules[(at)]}" ; do
+                                ebegin "${x}"
+                                ip rule add dev ${IFACE} ${x}
+                                eend $?
+                        done
+                fi
+                eoutdent
+                # Flush the cache
+                ip route flush cache dev "${IFACE}"
+        fi
+        return 0
 }
 
 postdown() {
-       # Automatically erase any ip rules created in the example postup above
-       if interface_exists "${IFACE}" ; then
-               # Remove any rules for this interface
-               local rule
-               ip rule list | grep " iif ${IFACE}[ ]*" | {
-                       while read rule ; do
-                               rule="${rule#*:}"       
-                               ip rule del ${rule}
-                       done
-               }
-               # Flush the route cache
-               ip route flush cache dev "${IFACE}"
-       fi
-
-       # Return 0 always
-       return 0
+        # Automatically erase any ip rules created in the example postup above
+        if interface_exists "${IFACE}" ; then
+                # Remove any rules for this interface
+                local rule
+                ip rule list | grep " iif ${IFACE}[ ]*" | {
+                        while read rule ; do
+                                rule="${rule#*:}"
+                                ip rule del ${rule}
+                        done
+                }
+                # Flush the route cache
+                ip route flush cache dev "${IFACE}"
+        fi
+        return 0
 }
 
 # vim: set ft=sh:

Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb	(original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb	Mon
Dec  1 12:52:37 2008
(at)(at) -1,25 +1,25 (at)(at)
 # Managed by Puppet: do not edit this file directly. It will be overwritten!
 <%
-    require 'ipaddr'
-    # We assume that the default gateway is the first address in a IP net.
-    def default_gateway(network)
-        gateway_override = scope.lookupvar('location::ip4_gw_'+iface)
-        if not gateway_override.blank? then
-            return gateway_override
-        else
-            return (IPAddr.new(network) | 1)
-        end
+require 'ipaddr'
+# We assume that the default gateway is the first address in a IP net.
+def default_gateway(network)
+    gateway_override = scope.lookupvar('location::ip4_gw_'+iface)
+    if not gateway_override.blank? then
+        return gateway_override
+    else
+        return (IPAddr.new(network) | 1)
     end
+end
 
-    if bridged
-        net_device = "br#{iface}"
+if bridged
+    net_device = "br#{iface}"
 -%>
 config_eth<%= iface %>=( "null" )
 bridge_br<%= iface %>="eth<%= iface %>"
 <%
-    else
-        net_device = "eth#{iface}"
-    end
+else
+    net_device = "eth#{iface}"
+end
 -%>
 
 <% if not ip4.blank? %>
SVN: r7308 - in gocept.infrastructure/testing: . portage-gocept/app-backup/gocept-backup puppet/manifests/classes puppet/modules/app_admin/files puppet/modules/app_admin/manifests puppet/modules/app_admin/templates puppet/modules/net_analyzer/files/nagios puppet/modules/net_analyzer/files/nagios/globals puppet/modules/net_analyzer/templates puppet/modules/net_analyzer/templates/nagios puppet/modules/sys_apps/files puppet/modules/sys_apps/manifests puppet/modules/sys_apps/templates puppet/modules/sys_fs puppet/modules/sys_portage/templates puppet/modules/www_nginx puppet/modules/www_nginx/manifests puppet/plugins/puppet/parser/functions
Christian Theune <ct(at)gocept.com>		 2008-12-17 14:57:35 [ FULL ] 
Author: ctheune
Date: Wed Dec 17 14:57:31 2008
New Revision: 7308

Log:
Merge feature network config.



Added:
  
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/index2addr.rb
      - copied unchanged from r7305,
gocept.infrastructure/feature_network_config/puppet/plugins/puppet/parser/functions/index2addr.rb
  
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/lookup_default_gw.rb
      - copied unchanged from r7305,
gocept.infrastructure/feature_network_config/puppet/plugins/puppet/parser/functions/lookup_default_gw.rb
  
gocept.infrastructure/testing/puppet/plugins/puppet/parser/functions/lookup_net.rb
      - copied unchanged from r7305,
gocept.infrastructure/feature_network_config/puppet/plugins/puppet/parser/functions/lookup_net.rb
Modified:
   gocept.infrastructure/testing/   (props changed)
  
gocept.infrastructure/testing/portage-gocept/app-backup/gocept-backup/gocept-backup-0.8.ebuild
  (props changed)
   gocept.infrastructure/testing/puppet/manifests/classes/location.pp  
(contents, props changed)
  
gocept.infrastructure/testing/puppet/modules/app_admin/files/generate-groups.sh
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/app_admin/files/generate-people.sh
  (props changed)
   gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
  
gocept.infrastructure/testing/puppet/modules/app_admin/templates/fileserver.conf.erb
  
gocept.infrastructure/testing/puppet/modules/app_admin/templates/puppetmaster.cron.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/globals/templates.cfg
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/nagios.cfg
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/files/nagios/nrpe.cfg
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/cgi.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/contacts.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/host.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/nagios/service.cfg.erb
  (props changed)
  
gocept.infrastructure/testing/puppet/modules/net_analyzer/templates/trafficclient.conf.erb
  (props changed)
   gocept.infrastructure/testing/puppet/modules/sys_apps/files/   (props
changed)
  
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp
  
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/network_interface.pp
  (contents, props changed)
   gocept.infrastructure/testing/puppet/modules/sys_apps/templates/   (props
changed)
  
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
   gocept.infrastructure/testing/puppet/modules/sys_fs/   (props changed)
  
gocept.infrastructure/testing/puppet/modules/sys_portage/templates/make.conf.erb
  (props changed)
   gocept.infrastructure/testing/puppet/modules/www_nginx/   (props changed)
   gocept.infrastructure/testing/puppet/modules/www_nginx/manifests/nginx.pp  
(props changed)

Modified: gocept.infrastructure/testing/puppet/manifests/classes/location.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/manifests/classes/location.pp	(original)
+++ gocept.infrastructure/testing/puppet/manifests/classes/location.pp	Wed Dec
17 14:57:31 2008
(at)(at) -12,11 +12,17 (at)(at)
         comment => "HLkomm ZNK Leipzig"
     }
     $suffix = "gocept.net"
-    $networks = "213.187.85.128/26 217.69.239.128/25 2001:470:9aaf:10::/56"
-    $ip4_gw_fe = "213.187.85.190"
+
+    $ip4net_fe = "213.187.85.128/26"
+    $ip4net_srv = "217.69.239.128/25"
+    $ip4net_sto = "192.168.86.0/24"
+
+    $ip4_gw_fe = "62"
+
     $ip6net_fe = "2001:470:9aaf:12::/64"
     $ip6net_srv = "2001:470:9aaf:13::/64"
     $ip6net_sto = "2001:470:9aaf:14::/64"
+
     $puppetmaster = "stampy.rzl.gocept.net"
     $ldap_server = "ldap.gocept.com"
     $nameservers = "213.187.85.129 195.62.106.5"
(at)(at) -31,10 +37,15 (at)(at)
         comment => "gocept office Halle"
     }
     $suffix = "gocept.com"
-    $networks = "195.62.106.0/25 2001:470:9aaf::/56"
+
+    $ip4net_fe = "195.62.106.0/27"
+    $ip4net_srv = "195.62.106.32/27"
+    $ip4net_sto = "192.168.23.0/24"
+
     $ip6net_fe = "2001:470:9aaf:2::/64"
     $ip6net_srv = "2001:470:9aaf:3::/64"
     $ip6net_sto = "2001:470:9aaf:4::/64"
+
     $puppetmaster = "stampy.whq.gocept.com"
     $ldap_server = "ldap.whq.gocept.com"
     $nameservers = "195.62.106.5 213.187.85.129"

Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp	(original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/manifests/puppet.pp	Wed
Dec 17 14:57:31 2008
(at)(at) -28,8 +28,6 (at)(at)
     file {
         "/etc/puppet/puppet.conf":
             content => template("app_admin/puppet.conf.erb");
-        "/etc/puppet/fileserver.conf":
-            content => template("app_admin/fileserver.conf.erb");
         "/etc/cron.d/puppet":
             content => template("app_admin/cron.d_puppet.erb"),
             mode => "0644";
(at)(at) -65,6 +63,8 (at)(at)
         "/etc/cron.hourly/puppetmaster":
             content => template("app_admin/puppetmaster.cron.erb"),
             mode => 0711;
+        "/etc/puppet/fileserver.conf":
+            content => template("app_admin/fileserver.conf.erb");
         ["/var/lib/puppet/state", "/var/lib/puppet/hosts"]:
             ensure => directory,
             owner => "puppet";

Modified:
gocept.infrastructure/testing/puppet/modules/app_admin/templates/fileserver.conf.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/app_admin/templates/fileserver.conf.erb	(original)
+++
gocept.infrastructure/testing/puppet/modules/app_admin/templates/fileserver.conf.erb	Wed
Dec 17 14:57:31 2008
(at)(at) -17,6 +17,6 (at)(at)
     allow ::/64
     allow 192.168.0.0/16
     allow 195.62.106.0/25
-<% scope.lookupvar('location::networks').split.each do |net| -%>
-    allow <%= net %>
-<% end -%>
+    allow <%= scope.lookupvar('location::ip4net_srv') %>
+    allow <%= scope.lookupvar('location::ip4net_fe') %>
+    allow <%= scope.lookupvar('location::ip4net_sto') %>

Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp	(original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/baselayout.pp	Wed
Dec 17 14:57:31 2008
(at)(at) -18,19 +18,16 (at)(at)
         "srv":
             mac => $mac_srv,
             ip4 => $ip4_srv,
-            ip6net => $ip6_srv,
             bridged => $machine::network_bridged,
             canonical_alias => $machine::canonical_alias;
         "sto":
             mac => $mac_sto,
             ip4 => $ip4_sto,
-            ip6net => $ip6_sto,
             bridged => $machine::network_bridged,
             mtu => 9000;
         "fe":
             mac => $mac_fe,
             ip4 => $ip4_fe,
-            ip6net => $ip6_fe,
             bridged => $machine::network_bridged,
             extra_alias => $fqdn_fe
     }

Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/network_interface.pp
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/network_interface.pp	(original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/manifests/network_interface.pp	Wed
Dec 17 14:57:31 2008
(at)(at) -2,26 +2,31 (at)(at)
 # See also LICENSE.txt
 
 # Generate all necessary configurations for a single network interface.
-# If there is a MAC address but no IP address given, configure 'null'
interfaces.
-define sys_apps::network_interface($mac = false, $ip4 = false, $ip6net =
false,
-                                   $extra_alias = false,
-                                   $canonical_alias = false, $mtu = false,
-                                   $bridged = false) {
+# If there is a MAC address but no IP address given, configure 'null'
+# interfaces.
+define sys_apps::network_interface($mac=false, $ip4=false,
+                                   $extra_alias=false,
+                                   $canonical_alias=false, $mtu=false,
+                                   $bridged=false) {
 
     $iface = $name
     $fullname = "$hostname.$iface.$location.${location::suffix}"
     $vlan = lookup_vlan($name)
+    $ip4_net = lookup_net('ip4', $name)
+    $ip4_addr = index2addr($ip4_net, $ip4)
+    $ip4_gw_index = lookup_default_gw($name)
+    $ip4_gw = strip_netmask(index2addr($ip4_net, $ip4_gw_index))
 
     if $mac {
         sys_fs::interface_name { $iface: mac => $mac }
 
-        if $ip4 {
+        if $ip4_addr {
             sys_apps::check_ip4 { $iface:
-                ip4 => $ip4,
+                ip4 => $ip4_addr,
                 extra => $extra_alias
             }
             sys_apps::etc_hosts { $fullname:
-                ip4 => $ip4,
+                ip4 => $ip4_addr,
                 canonical_alias => $canonical_alias
             }
         }
(at)(at) -70,7 +75,7 (at)(at)
 }
 
 
-define sys_apps::check_ip4($ip4, $extra = false) {
+define sys_apps::check_ip4($ip4, $extra=false) {
     $iface = $name
     $ip4_addr = strip_netmask($ip4)
 
(at)(at) -99,7 +104,7 (at)(at)
 }
 
 
-define sys_apps::check_ip6($ip6net, $mac, $extra = false) {
+define sys_apps::check_ip6($ip6net, $mac, $extra=false) {
     $iface = $name
     $ip6_addr = eui64($ip6net, $mac)
 
(at)(at) -126,10 +131,9 (at)(at)
 }
 
 
-define sys_apps::etc_hosts($ip4 = false, $ip6 = false,
-                           $canonical_alias = false) {
+define sys_apps::etc_hosts($ip4=false, $ip6=false,
+                           $canonical_alias=false) {
     $ip4_addr = strip_netmask($ip4)
-
     (at)(at)host { $name: ip => $ip4_addr }
 
     if $canonical_alias {

Modified:
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb
==============================================================================
---
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb	(original)
+++
gocept.infrastructure/testing/puppet/modules/sys_apps/templates/conf.d_net.erb	Wed
Dec 17 14:57:31 2008
(at)(at) -1,16 +1,5 (at)(at)
 # Managed by Puppet: do not edit this file directly. It will be overwritten!
 <%
-require 'ipaddr'
-# We assume that the default gateway is the first address in a IP net.
-def default_gateway(network)
-    gateway_override = scope.lookupvar('location::ip4_gw_'+iface)
-    if not gateway_override.blank? then
-        return gateway_override
-    else
-        return (IPAddr.new(network) | 1)
-    end
-end
-
 if bridged
     net_device = "br#{iface}"
 -%>
(at)(at) -22,12 +11,12 (at)(at)
 end
 -%>
 
-<% if not ip4.blank? %>
-config_<%= net_device %>=( "<%= ip4 %>" )
+<% if not ip4_addr.blank? %>
+config_<%= net_device %>=( "<%= ip4_addr %>" )
 routes_<%= net_device %>=(
-    "default via <%= default_gateway(ip4)%> tab <%= vlan %>" 
-    "default via <%= default_gateway(ip4)%>" )
-rules_<%= net_device %>=( "from <%= ip4 %> lookup <%= vlan
%>" )
+    "default via <%= ip4_gw %> tab <%= vlan %>" 
+    "default via <%= ip4_gw %>" )
+rules_<%= net_device %>=( "from <%= ip4_addr %> lookup <%= vlan
%>" )
 <% else %>
 config_<%= net_device %>=( "null" )
 <% end -%>
MailBoxer